Computer locks. Logging on/off problems

April 30, 2009 at 00:54:55
Specs: Windows Vista, 2Ghz 2Gb
A laptop at work has started playing up. It
slowed down to a crawl and became
unresponsive. On rebooting it never got to the
login screen, just the circle going round and
round. Boot in safe mode ok but will not reboot
or shutdown, gets stuck at the logging off
screen. I can will send more details tomorrow
but it smells a bit like a virus to me.
Any quick ideas before I have a further look
tomorrow?
Cheers
Garyb1971


See More: Computer locks. Logging on/off problems

Report •


#1
April 30, 2009 at 05:21:36
Hijackthis log as follows

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 13:18:55, on 30/04/2009
Platform: Windows Vista SP1 (WinNT 6.00.1905)
MSIE: Internet Explorer v7.00 (7.00.6001.18000)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskeng.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\TOSHIBA\Utilities\KeNotify.exe
C:\Windows\RtHDVCpl.exe
C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
C:\Program Files\TOSHIBA\ConfigFree\NDSTray.exe
C:\Program Files\IDM\Desktop SMS\DesktopSMS.exe
C:\Program Files\TOSHIBA\Toshiba Online Product
Information\TOPI.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\Intel\Intel Matrix Storage
Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Java\jre6\bin\jusched.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\TOSCDSPD\TOSCDSPD.exe
C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\Windows\system32\igfxsrvc.exe
C:\Program Files\Xarios\Phone Manager\PhoneManager.exe
C:\Program Files\Synaptics\SynTP\SynToshiba.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\TOSHIBA\ConfigFree\CFSwMgr.exe
C:\Program Files\Windows Mail\WinMail.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\Trend Micro\HijackThis\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://www.google.co.uk
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search
Page = http://go.microsoft.com/fwlink/?Lin...
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start
Page = http://www.google.co.uk
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Page_URL = http://www.google.co.uk
R1 - HKLM\Software\Microsoft\Internet
Explorer\Main,Default_Search_URL =
http://go.microsoft.com/fwlink/?Lin...
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search
Page = http://go.microsoft.com/fwlink/?Lin...
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start
Page = http://www.google.co.uk
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet
Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet
Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-
7695ECA05670} - (no file)
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-
C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program
Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll
O2 - BHO: WormRadar.com IESiteBlocker.NavFilter -
{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program
Files\AVG\AVG8\avgssie.dll (file missing)
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-
8333-CF10577473F7} - C:\Program Files\Google\Google
Toolbar\GoogleToolbar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-
4638-B6FA-CE66B5AD205D} - C:\Program
Files\Google\GoogleToolbarNotifier\5.1.1309.3572\swg.dll
O2 - BHO: Google Dictionary Compression sdch -
{C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program
Files\Google\Google
Toolbar\Component\fastsearch_219B3E1547538286.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-
435b-BC74-9C25C1C588A9} - C:\Program
Files\Java\jre6\bin\jp2ssv.dll
O3 - Toolbar: &Google Toolbar - {2318C2B1-4965-11d4-9B18-
009027A5CD4F} - C:\Program Files\Google\Google
Toolbar\GoogleToolbar.dll
O4 - HKLM\..\Run: [Windows Defender]
%ProgramFiles%\Windows Defender\MSASCui.exe -hide
O4 - HKLM\..\Run: [KeNotify] C:\Program
Files\TOSHIBA\Utilities\KeNotify.exe
O4 - HKLM\..\Run: [SVPWUTIL] C:\Program
Files\TOSHIBA\Utilities\SVPWUTIL.exe SVPwUTIL
O4 - HKLM\..\Run: [HWSetup] \HWSetup.exe hwSetUP
O4 - HKLM\..\Run: [RtHDVCpl] RtHDVCpl.exe
O4 - HKLM\..\Run: [TPwrMain]
%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
O4 - HKLM\..\Run: [HSON]
%ProgramFiles%\TOSHIBA\TBS\HSON.exe
O4 - HKLM\..\Run: [SmoothView]
%ProgramFiles%\Toshiba\SmoothView\SmoothView.exe
O4 - HKLM\..\Run: [00TCrdMain]
%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
O4 - HKLM\..\Run: [NDSTray.exe] NDSTray.exe
O4 - HKLM\..\Run: [Desktop SMS] C:\Program
Files\IDM\Desktop SMS\DesktopSMS.exe /auto
O4 - HKLM\..\Run: [topi] C:\Program Files\TOSHIBA\Toshiba
Online Product Information\topi.exe -startup
O4 - HKLM\..\Run: [IgfxTray]
C:\Windows\system32\igfxtray.exe
O4 - HKLM\..\Run: [HotKeysCmds]
C:\Windows\system32\hkcmd.exe
O4 - HKLM\..\Run: [Persistence]
C:\Windows\system32\igfxpers.exe
O4 - HKLM\..\Run: [Apoint] C:\Program
Files\Apoint2K\Apoint.exe
O4 - HKLM\..\Run: [Toshiba Registration] C:\Program
Files\Toshiba\Registration\ToshibaRegistration.exe
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel
Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [Adobe Reader Speed Launcher]
"C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe"
O4 - HKLM\..\Run: [SynTPEnh] C:\Program
Files\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program
Files\Java\jre6\bin\jusched.exe"
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows
Sidebar\sidebar.exe /autoRun
O4 - HKCU\..\Run: [TOSCDSPD] TOSCDSPD.EXE
O4 - HKCU\..\Run: [swg] C:\Program
Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
O4 - HKUS\S-1-5-19\..\Run: [Sidebar]
%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
(User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\Run: [WindowsWelcomeCenter]
rundll32.exe oobefldr.dll,ShowWelcomeCenter (User 'LOCAL
SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar]
%ProgramFiles%\Windows Sidebar\Sidebar.exe /detectMem
(User 'NETWORK SERVICE')
O4 - Global Startup: Phone Manager.lnk = C:\Program
Files\Xarios\Phone Manager\PhoneManager.exe
O4 - Global Startup: Yahoo! Games
O9 - Extra button: eBay.co.uk - Buy It Sell It Love It -
{76577871-04EC-495E-A12B-91F7C3600AFA} -
http://rover.ebay.com/rover/1/710-4... (file
missing)
O9 - Extra button: Amazon.co.uk - {8A918C1D-E123-4E36-
B562-5C1519E434CE} -
http://www.amazon.co.uk/exec/obidos...
tag=Toshibaukbholink-21&site=home (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-
3C9C571A8263} -
C:\PROGRA~1\MICROS~1\Office12\REFIEBAR.DLL
O9 - Extra button: eBay - {C08CAF1D-C0A3-40D5-9970-
06D067EAC017} - http://www.webtip.ch/cgi-
bin/toshiba/tracker_url.pl?EN (file missing)
O13 - Gopher Prefix:
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9}
(SpinTop DRM Control) -
file:///C:/Program%20Files/SCRABBLE/Images/stg_drm.ocx
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54}
(ArmHelper Control) -
file:///C:/Program%20Files/SCRABBLE/Images/armhelper.ocx
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000}
(Shockwave Flash Object) -
http://fpdownload2.macromedia.com/g...
h/swflash.cab
O17 - HKLM\System\CCS\Services\Tcpip\Parameters:
Domain = dig.local
O17 - HKLM\Software\..\Telephony: DomainName = dig.local
O17 - HKLM\System\CCS\Services\Tcpip\..\{0CDFD05E-
63BB-412A-85FC-5BBA5E2AF443}: NameServer =
85.255.0.0,85.255.0.0
O17 - HKLM\System\CCS\Services\Tcpip\..\{A4BEB783-
F89D-41B9-A545-1E3A204A1655}: NameServer =
85.255.0.0,85.255.0.0
O17 - HKLM\System\CS1\Services\Tcpip\Parameters:
Domain = dig.local
O17 - HKLM\System\CS1\Services\Tcpip\Parameters:
NameServer = 85.255.0.0,85.255.0.0
O17 - HKLM\System\CS1\Services\Tcpip\..\{0CDFD05E-
63BB-412A-85FC-5BBA5E2AF443}: NameServer =
85.255.0.0,85.255.0.0
O17 - HKLM\System\CS2\Services\Tcpip\Parameters:
Domain = dig.local
O17 - HKLM\System\CS2\Services\Tcpip\Parameters:
NameServer = 85.255.0.0,85.255.0.0
O17 - HKLM\System\CS2\Services\Tcpip\..\{0CDFD05E-
63BB-412A-85FC-5BBA5E2AF443}: NameServer =
85.255.0.0,85.255.0.0
O17 - HKLM\System\CCS\Services\Tcpip\Parameters:
NameServer = 85.255.0.0,85.255.0.0
O23 - Service: Agere Modem Call Progress Audio
(AgereModemAudio) - Agere Systems -
C:\Windows\system32\agrsmsvc.exe
O23 - Service: ConfigFree Service (CFSvcs) - TOSHIBA
CORPORATION - C:\Program
Files\TOSHIBA\ConfigFree\CFSvcs.exe
O23 - Service: Google Updater Service (gusvc) - Google -
C:\Program Files\Google\Common\Google
Updater\GoogleUpdaterService.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor
(IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel
Matrix Storage Manager\IAANTMon.exe
O23 - Service: InstallDriver Table Manager (IDriverT) -
Macrovision Corporation - C:\Program Files\Common
Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Pervasive PSQL Client Engine (psqlCE) -
Unknown owner - C:\Program Files\Pervasive
Software\PSQL\bin\w3dbsmgr.exe
O23 - Service: TOSHIBA Navi Support Service (TNaviSrv) -
TOSHIBA Corporation - C:\Program Files\TOSHIBA\TOSHIBA
DVD PLAYER\TNaviSrv.exe
O23 - Service: TOSHIBA Optical Disc Drive Service
(TODDSrv) - TOSHIBA Corporation -
C:\Windows\system32\TODDSrv.exe
O23 - Service: TOSHIBA Power Saver (TosCoSrv) - TOSHIBA
Corporation - C:\Program Files\TOSHIBA\Power
Saver\TosCoSrv.exe
O23 - Service: TOSHIBA Bluetooth Service - Unknown owner -
c:\Program Files\Toshiba\Bluetooth Toshiba
Stack\TosBtSrv.exe (file missing)

--
End of file - 9271 bytes


Report •
Related Solutions


Ask Question